<?php
/**
 * 需要输入个人密码才能看到页面
 */
apf_require_class("APF_Interceptor");
apf_require_class("Portal_Urls");
apf_require_class("Bll_Flow_UserSecurityKey");
class CheckUserSecurityInterceptor extends APF_Interceptor {
    public function before () {
        $this->_check_controll();
        return self::STEP_CONTINUE;
    }

    public function after () {
        return self::STEP_CONTINUE;
    }

    private function _check_controll() {
        $controll = get_class(APF::get_instance()->get_current_controller());
        $controll = substr($controll,0,strlen($controll)-10);
        $controll_list = APF::get_instance()->get_config("check_user_security_controller");
        if(in_array($controll,$controll_list)) {
            $s = $this->_check_enable();
            if($s) {
                if($controll != "Flow_VerifySecurity") {
                    $url='http://'.$_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"];
                    APF::get_instance()->get_response()->redirect(Portal_Urls::jump_url()."?url=".base64_encode($url));
                }
            }
        }
        return true;
    }

    /**
     * 默认需要输入访问的密码
     * @return boolean
     */
    private function _check_enable() {
        #1.是否为该用户设置了密文，未设置就不需要访问密码
        $is_enable = $this->_check_user_enable();
        if(!$is_enable) {
            return false;
        }
        #2.session值 = 1 需要输入密文
        if(isset($_SESSION['user_security_enable']) && $_SESSION['user_security_enable'] == '1'){
            return false;
        }
        return true;
    }

    private function _check_user_enable() {
        $bll_key = new Bll_Flow_UserSecurityKey();
        $data = APF::get_instance()->get_request()->get_attributes();
        if(empty($data['userinfo']['user_id'])) {
            return false;
        }
        $rs = $bll_key->get_user_miwen($data['userinfo']['user_id']);
        return $rs ? true:false;
    }
}
?>